function create_account()
{
if ($this->user['type'] != 1) {
return 0;
}
if (strlen($_REQUEST['name']) < 2) {
$this->html['shipon_account_output'] = "Name is too short.";
} elseif (strlen($_REQUEST['username']) < 4) {
$this->html['shipon_account_output'] = "Username must be at least 4 characters (" . strlen($_REQUEST['username']) . ").";
} elseif (strlen($_REQUEST['password']) < 6) {
$this->html['shipon_account_output'] = "Password must be at least 6 characters.";
} else {
$users_result = query("SELECT id FROM `" . $this->user['database'] . "`.accounts WHERE username=?", array($_REQUEST['username']));
if (num_rows($users_result) < 1) {
$id = query_r("INSERT INTO `" . $this->user['database'] . "`.accounts\n\t\t\t\t\t\t\t (\n\t\t\t\t\t\t\t\t\t\tgroup_id, name, phone, ext, email, username, password, type\n\t\t\t\t\t\t\t )\n\t\t\t\t\t\t\t VALUES\n\t\t\t\t\t\t\t (\n\t\t\t\t\t\t\t\t\t'" . $this->user['group'] . "', ?, ?, ?, ?, ?, ?, 2\n\t\t\t\t\t\t\t )\n\t\t\t\t\t\t\t", array($_REQUEST['name'], $_REQUEST['phone'], $_REQUEST['ext'], $_REQUEST['email'], $_REQUEST['username'], md5($_REQUEST['password'])));
query("INSERT INTO `" . $this->user['database'] . "`.sessions\n\t\t\t\t\t\t(\n\t\t\t\t\t\t\tid, session_id, timestamp\n\t\t\t\t\t\t)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t(\n\t\t\t\t\t\t\t'" . $id . "','0','0'\n\t\t\t\t\t\t)\n\t\t\t\t\t");
$this->html['shipon_account_output'] = '<script type="text/javascript">
jQuery("#shipon_account_popup").dialog("close");
change_view("manage_accounts");
</script>';
} else {
$this->html['shipon_account_output'] = "User already exists.";
}
}
}
function links($cat = 0, $direction = "asc")
{
global $linksmessage, $prefix;
if ($direction != "asc" && $direction != "desc") {
$direction = "asc";
}
$out = "";
if ($cat) {
$query = "SELECT * FROM " . $prefix . "linkscat WHERE id=" . $cat . " ORDER BY nome";
} else {
$query = "SELECT * FROM " . $prefix . "linkscat ORDER BY nome";
}
if (!($cresult = dbquery($query))) {
die($linksmessage[4]);
}
$out .= "\n<div id=\"LNE_show\">\n";
while ($crow = fetch_array($cresult)) {
$out .= "<h3>" . decode($crow['descr']) . "</h3>\n";
$query = "SELECT * FROM " . $prefix . "links where hits=" . $crow[0] . " ORDER BY name " . $direction;
if (!($result = dbquery($query))) {
die($linksmessage[5]);
}
if (num_rows($result)) {
$out .= "<ul>\n";
while ($row = fetch_array($result)) {
$out .= "<li><a href=\"" . $row['link'] . "\" onclick=\"window.open(this.href,'_blank');return false;\">" . decode($row['name']) . "</a><div>" . decode($row['descr']) . "</div></li>\n";
}
$out .= "</ul>\n";
}
}
$out .= "</div>\n";
return $out;
}
/**
* returns $number news items from class $type
*/
function get_news($type, $number)
{
$news = "SELECT `ID`, `timestamp`, `subject`, `body` FROM `news` WHERE `class`='{$type}' ORDER BY `ID` DESC LIMIT {$number}";
connect_sql();
$news = @query($news) or die("Error getting the news.");
// see if we don't have any news
if (num_rows($news) == 0) {
return "No news.";
} else {
$to_return = "";
while ($row = result($news)) {
$id = $row->ID;
$timestamp = $row->timestamp;
$subject = stripslashes($row->subject);
$body = $row->body;
// convert line breaks to <br />'s
$body = str_replace("\\r\\n", "<br />", $body);
// for windows and IP protocols
$body = str_replace("\\n", "<br />", $body);
// for nix
$body = str_replace("\\r", "<br />", $body);
// for mac
$body = stripslashes($body);
$to_return .= $id . "::::" . $timestamp . "::::" . $subject . "::::" . $body . "_____";
}
return $to_return;
}
disconnect_sql();
}
function get_numrows($sql)
{
$result = query($sql);
$rowlist = num_rows($result);
mysql_free_result($result);
return $rowlist;
}
function init($data)
{
$history_xml = file_get_contents($this->user['folder'] . "/templates/history.xml");
$xml = new SimpleXMLElement($history_xml);
$req = array();
$req['entries_per_page'] = 10;
$req['search_string'] = isset($_REQUEST['search_string']) && $_REQUEST['search_string'] != 'Search' ? $_REQUEST['search_string'] : '';
$req['sort_column'] = isset($_REQUEST['sort_by']) ? $_REQUEST['sort_by'] : 'id';
$req['sort_order'] = isset($_REQUEST['sort_order']) ? $_REQUEST['sort_order'] : 'DESC';
$req['start_row'] = isset($_REQUEST['data']) ? $_REQUEST['data'] * 10 + 1 : 1;
$req['bill_to_code'] = $this->user['bill_to_code'];
$search_string = "1";
$s = "";
$var_array = array();
$fieldString = "id,ext_id,cons_name,sent,timestamp";
if (isset($_REQUEST['search_string']) && $_REQUEST['search_string'] != "Search") {
$s = $_REQUEST['search_string'];
$search_string = "(id LIKE ? OR bill_id LIKE ? OR timestamp LIKE ? OR cons_name LIKE ?)";
$var_array = array("%" . $s . "%", "%" . $s . "%", "%" . $s . "%", "%" . $s . "%");
}
$sort_by = 'id';
if (isset($_REQUEST['sort_by'])) {
$sort_by = $xml->content->column[(int) $_REQUEST['sort_by']]['key'];
} else {
$_REQUEST['sort_by'] = '0';
}
if (!isset($_REQUEST['sort_order'])) {
$_REQUEST['sort_order'] = "DESC";
}
$history_result = query("SELECT " . $fieldString . " FROM `" . $this->user['database'] . "`.shipments\n\t\t\t\t\t\t\t\tWHERE group_id='" . $this->user['group'] . "' AND " . $search_string . " AND ext_id > 0 ORDER BY " . $sort_by . " " . $_REQUEST['sort_order'] . " \n\t\t\t\t\t\t\t\t LIMIT " . $data * $xml->entries_per_page . "," . $xml->entries_per_page, $var_array);
$result_count = num_rows($history_result);
$num_result = query("SELECT id FROM `" . $this->user['database'] . "`.shipments WHERE group_id='" . $this->user['group'] . "' AND " . $search_string . " AND ext_id > 0", $var_array);
$num = num_rows($num_result);
$pageCount = ceil($num / $xml->entries_per_page);
// $titlebar_inputs = "<input type='text' class='shipon_input' id='shipon_history_search' value='Search'>";
// $history = $this->get_field_header('100%', 'history', $titlebar_inputs);
for ($i = 0; $i < $xml->entries_per_page; $i++) {
if ($i < $result_count) {
$shipment[] = fetch($history_result);
}
}
$history .= $this->get_paged_footer("#history", $xml->entries_per_page, $pageCount, $xml->page_numbers);
if (isset($_REQUEST['search_string'])) {
$this->return['inputs']['shipon_history_search'] = $_REQUEST['search_string'];
}
if (isset($_REQUEST['sort_by'])) {
$this->return['inputs']['shipon_history_sort_by'] = $_REQUEST['sort_by'];
} else {
$this->return['inputs']['shipon_history_sort_by'] = '0';
}
if (isset($_REQUEST['sort_order'])) {
$this->return['inputs']['shipon_history_sort_order'] = $_REQUEST['sort_order'];
}
$pagination = $this->get_paged_footer("#history", $xml->entries_per_page, $pageCount, $xml->page_numbers);
$this->smarty->assign('shipment', $shipment);
$this->smarty->assign('request', $req);
$this->smarty->assign('pagination', $pagination);
$this->html['shipon_content'] = $this->smarty->fetch('history/history.tpl');
}
/**
* sees if the user has any new mail
*/
function check_mail()
{
$user_id = $_SESSION['id'];
connect_sql();
$query = @query("SELECT * FROM `mail` WHERE `read`='0' AND `deleted`='0' AND `to`='{$user_id}'") or die("Error checking the database.");
$number = num_rows($query);
disconnect_sql();
return $number;
}
function format_address_array(&$return_array, $query_result, $attribute)
{
if (num_rows($query_result)) {
$address = fetch($query_result);
$keys = array_keys($address);
for ($i = 0; $i < count($keys); $i++) {
$new_key = $attribute . $keys[$i];
$return_array[$new_key] = $address[$keys[$i]];
}
}
}
function Check_Password_Reset($id, $code)
{
$date = date("Y-m-d");
$daterange = "'" . $date . " 00:00:00' AND '" . $date . " 23:59:59'";
$query = "SELECT * FROM `users` WHERE `id`='" . $id . "' AND `password_reset_code`='" . $code . "' AND `password_reset_date` BETWEEN " . $daterange . ";";
$users = query($query);
if ($users && num_rows($users) === 1) {
return true;
} else {
return false;
}
}
function send_mail_by_userid($userid, $subject, $text)
{
$userid = (int) $userid;
$sql = "SELECT u.email\n\t\tFROM " . PREF . "users AS u\n\t\tWHERE u.id={$userid}\n\t\tLIMIT 1";
$result = query($sql);
$rows = num_rows($result);
if (!$rows) {
return;
}
$emails = fetch_row($result);
return send_mail_to_first($emails, $subject, $text);
}
function libera_acesso($item, $id_conn)
{
if ($_SESSION['admin'] == '0') {
$sql = "SELECT tb_usuarioquaisacessos.usuarioquaisacessos_id FROM tb_acesso ";
$sql .= "INNER JOIN tb_usuarioquaisacessos ON (tb_usuarioquaisacessos.acesso_id = tb_acesso.acesso_id) ";
$sql .= "WHERE tb_acesso.acesso_nome='%s' ";
$sql .= "AND tb_usuarioquaisacessos.usuario_id = '%s' LIMIT 1";
$sql = sprintf($sql, mysql_real_escape_string($item), mysql_real_escape_string($_SESSION['usuario_id']));
$acessou = execute_query($sql, $id_conn);
if (!$acessou) {
$messagem = 'Query Inválida: ' . mysql_error() . "\n";
$messagem .= 'Pesquisa Inteira: ' . $sql;
die($messagem);
}
if (num_rows($acessou) == 0) {
header("Location: acesso_proibido.php");
exit(0);
}
}
}
function loginbypost()
{
global $LU, $attempt;
$post_get = new GetVarClass();
$email = $post_get->getemail("email");
$pw = $post_get->getvar("pw");
if (!$email || !$pw) {
return 0;
}
$subquery = "u.email='{$email}'";
$attempt = 1;
$sql = "SELECT u.id,u.pw\n\t\tFROM " . PREF . "users AS u\n\t\tWHERE {$subquery} AND (u.pwhash=MD5('{$pw}') OR '{$LU["moderid"]}'<>0) AND u.active\n\t\tLIMIT 1";
$result = query($sql);
$rows = num_rows($result);
if ($rows) {
list($LU["id"], $knownpw) = fetch_row($result);
if (!ALLOWMULTISESSIONS) {
dropallsessions($LU["id"]);
}
}
return $rows;
}
public function lookup($message) {
$name = $this->extractName($message);
if(empty($name))
return false;
if(($data = $this->cacheFetch($name)) !== false)
return $data;
$result = perform_query(
"SELECT * FROM lzecs" .
" WHERE name = '{$name}' LIMIT 1",
$this->dbLink, $_SERVER['PHP_SELF']
);
if(! num_rows($result) > 0)
return false;
$data = array();
$row = fetch_array($result, "ASSOC");
array_push($data, $name);
array_push($data, $row['preg_msg']);
array_push($data, $row['explanation']);
array_push($data, $row['action']);
array_push($data, $row['si']);
array_push($data, $row['psr']);
array_push($data, $row['suppress']);
array_push($data, $row['trig_amt']);
array_push($data, $row['trig_win']);
array_push($data, $row['vendor']);
array_push($data, $row['type']);
array_push($data, $row['class']);
array_push($data, $row['lastupdate']);
$this->cacheStore($name, $data);
return $data;
}
public function lookup($message)
{
$name = $this->extractName($message);
if (empty($name)) {
return false;
}
if (($data = $this->cacheFetch($name)) !== false) {
return $data;
}
$result = perform_query("SELECT message, explanation, action, datetime FROM " . CISCO_ERROR_TABLE . " WHERE name = '{$name}' LIMIT 1", $this->dbLink);
if (!num_rows($result) > 0) {
return false;
}
$data = array();
$row = fetch_array($result, "ASSOC");
array_push($data, $name);
array_push($data, $row['message']);
array_push($data, $row['explanation']);
array_push($data, $row['action']);
array_push($data, $row['datetime']);
$this->cacheStore($name, $data);
return $data;
}
function downloads($cat = 0)
{
global $downloadsmessage, $prefix;
if ($cat) {
$query = "SELECT * FROM " . $prefix . "downloadscat WHERE id=" . $cat . " ORDER BY nome";
} else {
if (!($crow = fetch_array(dbquery("SELECT * FROM " . $prefix . "downloadscat WHERE nome=\"Uploads\"")))) {
die($downloadsmessage[2]);
}
$query = "SELECT * FROM " . $prefix . "downloadscat WHERE id<>" . $crow['id'] . " ORDER BY nome";
}
if (!($cresult = dbquery($query))) {
die($downloadsmessage[2]);
}
$out .= "\n<div id=\"LNE_show\">\n";
while ($crow = fetch_array($cresult)) {
$out .= "<h3>" . decode($crow['descr']) . "</h3>";
$query = "SELECT * FROM " . $prefix . "downloads WHERE ex=" . $crow['id'] . " ORDER BY reg DESC";
if (!($result = dbquery($query))) {
die($downloadsmessage[3]);
}
if (num_rows($result)) {
$GETarray = $_GET;
$out .= "<ul>";
while ($row = fetch_array($result)) {
$GETarray['dlid'] = $row[0];
$out .= "<li><a href=\"addons/downloads/send.php?" . http_build_query($GETarray, '', '&') . "\" rel=\"nofollow\">" . decode($row[1]) . "</a></li>\n";
}
$out .= "</ul>";
} else {
$out .= "<h3>{$downloadsmessage['100']}</h3>";
}
}
$out .= "</div>\n";
return $out;
}
$msgsave = "Suppression effectuée";
}
if ($_POST["mode"] == "ajout") {
//vérification des droit du compte
$sql = "insert into " . __racinebd__ . "categorie_compte (libelle,compte_id) values('" . addquote($_POST["libelle"]) . "'," . $_SESSION["compte_id"] . ")";
//print $sql."<br>";
$link = query($sql);
$msgsave = "ajout";
}
if ($_POST["id"] != "" && $_POST["mode"] == "modif") {
//vérification des droit du compte
$sql = "update " . __racinebd__ . "categorie_compte set libelle ='" . addquote($_POST["libelle"]) . "' where categorie_compte_id=" . $_POST["id"] . " and compte_id=" . $_SESSION["compte_id"];
//print $sql."<br>";
$link = query($sql);
$msgsave = "modif";
}
$sql = "select * from " . __racinebd__ . "categorie_compte where compte_id=" . $_SESSION["compte_id"] . " and supprimer=0 order by libelle";
//$sql="select tlc.*,count(lc.device_id) as nb from ".__racinebd__."categorie_compte tlc left join ".__racinebd__."device lc on tlc.categorie_compte_id=lc.categorie_id and lc.supprimer=0 where tlc.supprimer=0 and lc.compte_id=".$_SESSION["compte_id"]." group by tlc.categorie_compte_id order by libelle";
$link = query($sql);
while ($tbl = fetch($link)) {
$sql = "select * from " . __racinebd__ . "categorie_compte_device ccd inner join " . __racinebd__ . "device d on d.device_id=ccd.device_id and supprimer=0 and categorie_compte_id=" . $tbl["categorie_compte_id"];
$link2 = query($sql);
$tbl["nb"] = num_rows($link2);
$tbl_list_categorie[] = $tbl;
// $key_list_agence[$tbl["categorie_compte_id"]]=$tbl["libelle"];
}
if ($_POST["id"] != "" && $_POST["mode"] == "") {
$sql = "select * from " . __racinebd__ . "categorie_compte where compte_id=" . $_SESSION["compte_id"] . " and categorie_compte_id=" . $_POST["id"] . " order by libelle";
$link = query($sql);
$tbl_modif_categorie = fetch($link);
}
function Get_Dictionary_Words($dictionary)
{
$query = "SELECT `w`.`word_id`, `w`.`name`, `w`.`pronunciation`, `w`.`part_of_speech`, `w`.`simple_definition`, `w`.`long_definition` ";
$query .= "FROM `words` AS `w` LEFT JOIN `dictionaries` AS `d` ON `w`.`dictionary`=`d`.`id` WHERE `w`.`dictionary`=" . $dictionary . " ";
$query .= "ORDER BY IF(`d`.`sort_by_equivalent`, `w`.`simple_definition`, `w`.`name`) COLLATE utf8_unicode_ci;";
$words = query($query);
$results = "";
$processed = 0;
if ($words) {
if (num_rows($words) > 0) {
while ($word = fetch($words)) {
$results .= '{"name":"' . $word['name'] . '",';
$results .= '"pronunciation":"' . $word['pronunciation'] . '",';
$results .= '"partOfSpeech":"' . $word['part_of_speech'] . '",';
$results .= '"simpleDefinition":"' . $word['simple_definition'] . '",';
$results .= '"longDefinition":"' . $word['long_definition'] . '",';
$results .= '"wordId":' . $word['word_id'] . '}';
// If it's the last one, then don't add a comma.
if (++$processed < num_rows($words)) {
$results .= ",";
}
}
}
}
return $results;
}
$retorno[] = array('nome' => utf8_encode($linhas[0]), 'info' => stripslashes(utf8_encode($linhas[1])), 'ativo' => $linhas[2]);
}
}
}
if (isset($_GET['familia'])) {
$sql = 'SELECT ';
$sql .= 'tb_genero.genero_id, tb_genero.genero_nome ';
$sql .= 'FROM ';
$sql .= 'tb_genero ';
$sql .= 'INNER JOIN tb_familiaquaisgeneros ON (tb_familiaquaisgeneros.genero_id = tb_genero.genero_id) ';
$sql .= 'WHERE ';
$sql .= 'tb_familiaquaisgeneros.familia_id=' . $_GET['familia'] . ' ';
$sql .= 'ORDER BY tb_genero.genero_nome';
$retorno_banco = execute_query($sql, $id_conn);
if ($retorno_banco) {
if (num_rows($retorno_banco) > 0) {
while ($linhas = fetch_array($retorno_banco)) {
$retorno[] = array('id' => $linhas[0], 'nome' => utf8_encode($linhas[1]));
}
} else {
$retorno[] = array('id' => '-1', 'sql' => 'Não há gêneros para a família');
}
} else {
$retorno[] = array('id' => '0', 'sql' => $sql);
}
}
if (isset($_GET['generos'])) {
$sql = 'SELECT ';
$sql .= 'genero_id, genero_nome ';
$sql .= 'FROM tb_genero ';
$sql .= 'WHERE NOT EXISTS ';
if (count($tab_path_info) > 2 && !__showlang__ || count($tab_path_info) >= 2 && __showlang__) {
//print "ici6";
//recherche de l'arbre_id
/*
for($i=3;$i<count($tab_path_info);$i++){
$j=$i-2;
$jointure.=" inner join ".__racinebd__."arbre a".$j." on a".$j.".arbre_id=a".($j-1).".pere inner join ".__racinebd__."contenu c".$j." on a".$j.".arbre_id=c".$j.".arbre_id and c".$j.".langue_id=".$_GET["la_langue"]." and c".$j.".nom='".$tab_path_info[count($tab_path_info)-($i-1)]."'";
}*/
for ($i = 2; $i < count($tab_path_info) - 1; $i++) {
$j = $i - 1;
$jointure .= " inner join " . __racinebd__ . "arbre a" . $j . " on a" . $j . ".arbre_id=a" . ($j - 1) . ".pere inner join " . __racinebd__ . "contenu c" . $j . " on a" . $j . ".arbre_id=c" . $j . ".arbre_id and c" . $j . ".langue_id=" . $_GET["la_langue"] . " and c" . $j . ".nom='" . $tab_path_info[count($tab_path_info) - $i] . "'";
}
$sql = "select a0.*,c.*,nom_fichier from \r\n " . __racinebd__ . "arbre a0 \r\n {$jointure} inner join\r\n " . __racinebd__ . "contenu c on a0.arbre_id=c.arbre_id and c.langue_id=" . $_GET["la_langue"] . " inner join " . __racinebd__ . "gabarit g on g.gabarit_id=a0.gabarit_id \r\n where c.nom ='" . $tab_path_info[count($tab_path_info) - 1] . "' and a0.etat_id=" . $_GET["etat_id"] . " and a0.supprimer=0 and (a0.root=" . __defaultfather__ . " or a0.root is null) " . $wheresecure2;
$link = query($sql);
//print $sql;
if (num_rows($link) > 0) {
$tbl_result = fetch($link);
//print $tbl_result["root"];
//print "ici";
if (count($tab_path_info) > 2) {
//recherche de l'arbre_id root
$sql2 = "select a.arbre_id,a.pere from " . __racinebd__ . "contenu c inner join " . __racinebd__ . "arbre a on c.arbre_id=a.arbre_id where nom = '" . $tab_path_info[2] . "' and pere is null and supprimer=0 and langue_id=" . $_GET["la_langue"];
$link2 = query($sql2);
$tbl_result2 = fetch($link2);
$_GET["root"] = $tbl_result2["arbre_id"];
$_GET["ordre_root"] = $tbl_result2["ordre"];
$_GET["arbre"] = $tbl_result["arbre_id"];
$_GET["pere"] = $tbl_result["pere"];
if (count($tab_path_info) > 3 && $_GET["root"] != "") {
$sql2 = "select a.arbre_id from " . __racinebd__ . "contenu c inner join " . __racinebd__ . "arbre a on c.arbre_id=a.arbre_id where nom = '" . $tab_path_info[3] . "' and pere =" . $_GET["root"] . " and supprimer=0 and langue_id=" . $_GET["la_langue"];
$link2 = query($sql2);
function uploads()
{
global $uploadsmessage, $prefix, $set;
if (file_exists("addons/uploads/lang/lang_" . $set['language'] . ".php")) {
require_once "addons/uploads/lang/lang_" . $set['language'] . ".php";
} else {
require_once "addons/uploads/lang/lang_en_US.php";
}
require_once "addons/uploads/settings.php";
if (!($crow = fetch_array(dbquery("SELECT * FROM " . $prefix . "downloadscat WHERE nome=\"Uploads\"")))) {
dbquery("INSERT INTO " . $prefix . "downloadscat (id, nome, descr) VALUES (null, \"Uploads\", \"Users upload here\")");
$crow = fetch_array(dbquery("SELECT * FROM " . $prefix . "downloadscat WHERE nome=\"Uploads\""));
}
$message = "";
if ($_POST['submitupload'] == "Add Upload") {
if ($_POST['secCode'] != $_SESSION['operation']) {
$message = $uploadsmessage[8];
} else {
$succeded = false;
$message = $_FILES["file"]["error"];
if ($_FILES['uploadedfile']['name'] != "") {
$_FILES['uploadedfile']['name'] = str_replace(" ", "_", $_FILES['uploadedfile']['name']);
$target_path = "./uploads/" . basename($_FILES['uploadedfile']['name']);
if (file_exists($target_path)) {
unlink($target_path);
}
if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
$succeded = true;
$message = $uploadsmessage[12];
@chmod($target_path, 0644);
} else {
$message = $uploadsmessage[11];
}
} else {
$message = $uploadsmessage[9];
}
if ($succeded) {
$filenam = basename($_FILES['uploadedfile']['name']);
$query = "INSERT INTO " . $prefix . "downloads (reg,nome,file,downloads,ex) VALUES (null,\"" . encode(sanitize($_POST['nome'])) . "\",\"{$filenam}\", 0, " . sanitize($_POST['cat']) . ")";
if (!dbquery($query)) {
$message = $uploadsmessage[10];
}
}
}
} else {
if ($_SESSION['adminlevel'] >= $adminlevel) {
$out .= "\n<div id=\"LNE_show\">\n";
$out .= "<div align=\"center\">\n<h3>{$uploadsmessage['5']}</h3>\n";
$out .= "<form enctype=\"multipart/form-data\" method=\"post\" action=\"\"><fieldset style=\"border: 0;\"><table>\n";
$out .= "<tr><td align=\"right\"><input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"{$max_upload_file_size}\" /><b>{$uploadsmessage['13']}: </b></td>";
$out .= "<td><input type=\"text\" name=\"nome\" style=\"width: 100%;\" /></td></tr>\n";
$out .= "<tr><td align=\"right\"><b>{$uploadsmessage['5']}: </b></td><td><input style=\" text-align: left;\" name=\"uploadedfile\" type=\"file\" name=\"uploadfile\" />\n</td></tr>\n";
$out .= "<tr><td align=\"right\"><b>{$uploadsmessage['6']}: </b></td>\n";
if ($set['catchpa'] == "0") {
//text catchpa
srand((double) microtime() * 1000000);
$a = rand(0, 9);
$b = rand(0, 9);
$c = $a + $b;
$out .= "<td>{$a} + {$b} = ";
$_SESSION['operation'] = $c;
$out .= "<input type=\"text\" name=\"secCode\" maxlength=\"2\" style=\"width:20px\" /></td></tr>\n";
} else {
// image catchpa
$out .= "<td>";
$out .= catchpa();
/* $out.="<img src=\"./LightNEasy/seccode.php\" width=\"71\" height=\"21\" align=\"absmiddle\" />"; */
$out .= "</td></tr>\n";
}
$out .= "<tr><td></td><td><input type=\"hidden\" name=\"cat\" value=\"" . $crow['id'] . "\" /><input type=\"hidden\" name=\"submitupload\" value=\"Add Upload\" />\n";
$out .= "<input type=\"submit\" name=\"aaa\" value=\"{$uploadsmessage['7']}\" />\n";
$out .= "</td><td> </td></tr>\n</table>\n</fieldset>\n</form>\n</div>\n";
} else {
$out .= "<h3>{$uploadsmessage['21']}</h3>\n";
}
}
if ($message != "") {
$out .= "<h3 style=\"color: red;\">{$message}</h3>\n";
}
if (!($result = dbquery("SELECT * FROM " . $prefix . "downloads WHERE ex=" . $crow['id'] . " ORDER BY reg DESC"))) {
die($uploadsmessage[3]);
}
$out .= "<h3>{$uploadsmessage['14']}</h3>\n";
if (num_rows($result)) {
$GETarray = $_GET;
$out .= "<ul>";
while ($row = fetch_array($result)) {
$GETarray['dlid'] = $row['reg'];
$out .= "<li>" . decode($row['nome']) . "</li>\n";
}
$out .= "</ul>";
} else {
$out .= "<h3>{$uploadsmessage['4']}</h3>";
}
$out .= "</div>\n";
return $out;
}
function grant_access($userName, $actionName, $link)
{
// If ACL is not used then always return TRUE
if (!defined('USE_ACL') || !USE_ACL || !defined('REQUIRE_AUTH') || !REQUIRE_AUTH) {
return TRUE;
}
// Get user access
$sql = "SELECT access FROM " . USER_ACCESS_TABLE . " WHERE username='******' \n\t\t\tAND actionname='" . $actionName . "'";
$result = perform_query($sql, $link);
$row = fetch_array($result);
if (num_rows($result) && $row['access'] == 'TRUE') {
return TRUE;
} else {
$sql = "SELECT defaultaccess FROM " . ACTION_TABLE . " WHERE actionname='" . $actionName . "'";
$result = perform_query($sql, $link);
$row = fetch_array($result);
if ($row['defaultaccess'] == 'TRUE') {
return TRUE;
} else {
return FALSE;
}
}
}
<?php
if ($_POST["id"] != "" && $_POST["mode"] == "modif") {
//on verifie si il existe un enregistrement dans la table etat_moteur_compte
$sql = "select * from " . __racinebd__ . "etat_moteur_compte where etat_moteur_id=" . $_POST["id"] . " and compte_id=" . $_SESSION["compte_id"];
$link = query($sql);
if (num_rows($link) == 0) {
$sql = "insert into " . __racinebd__ . "etat_moteur_compte(etat_moteur_id,libelle,couleur,compte_id) values(" . $_POST["id"] . ",'" . addquote($_POST["libelle"]) . "','" . addquote($_POST["couleur"]) . "','" . $_SESSION["compte_id"] . "')";
} else {
$sql = "update " . __racinebd__ . "etat_moteur_compte set libelle='" . addquote($_POST["libelle"]) . "',couleur='" . addquote($_POST["couleur"]) . "' where compte_id=" . $_SESSION["compte_id"] . " and etat_moteur_id=" . $_POST["id"];
}
query($sql);
$msgsave = "Sauvegarde effectuée";
}
$sql = "select em.etat,em.etat_moteur_id,em.libelle,emc.libelle as lib2,couleur,defaultcouleur from " . __racinebd__ . "etat_moteur em left join\r\n " . __racinebd__ . "etat_moteur_compte emc on emc.etat_moteur_id=em.etat_moteur_id and compte_id=" . $_SESSION["compte_id"] . " order by libelle";
$link = query($sql);
while ($tbl = fetch($link)) {
//$tbl_list_etat[]=array("etat_moteur_id"=>$tbl["etat"],"libelle"=>(($tbl["lib2"]=="")?$tbl["libelle"]:$tbl["lib2"]));
$tbl_list_etat[] = $tbl;
}
if ($_POST["id"] != "") {
$sql = "select em.etat,em.etat_moteur_id,em.libelle,emc.libelle as lib2,couleur,defaultcouleur \r\n from " . __racinebd__ . "etat_moteur em left join\r\n " . __racinebd__ . "etat_moteur_compte emc on emc.etat_moteur_id=em.etat_moteur_id and compte_id=" . $_SESSION["compte_id"] . " where em.etat_moteur_id=" . $_POST["id"] . " order by libelle";
//print $sql."<br>";
$link = query($sql);
$tbl_modif = fetch($link);
}
function shownews($post_integra = 1, $post_cabecalho = 9, $comenta = 0, $categ = -1)
{
global $newsmessage, $set, $pagenum, $prefix;
if ($_GET['action'] == "delete" && is_intval($_GET['id']) && is_intval($_GET['commentid']) && $_SESSION['adminlevel'] > 3) {
dbquery("DELETE FROM " . $prefix . "comments WHERE id=" . $_GET['commentid']);
}
if (isset($_GET['id'])) {
if (!is_intval($_GET['id'])) {
die("news - Aha! Clever!");
} else {
$noticia_numero = $_GET['id'];
}
}
if ($noticia_numero != "") {
$query = "SELECT titulo,data,noticia,autor,email,visto, reg FROM " . $prefix . "noticias WHERE reg=" . $noticia_numero;
if ($categ > -1) {
$query .= " AND cat=" . $categ;
}
} else {
$query = "SELECT titulo, data, noticia, autor, email, visto, reg FROM " . $prefix . "noticias";
if ($categ > -1) {
$query .= " WHERE cat=" . $categ;
}
$query .= " ORDER BY reg DESC LIMIT 0, {$post_integra}";
}
$row = dbquery($query);
$first = false;
while ($row_db = fetch_array($row)) {
$out .= show_one_news($row_db['titulo'], $row_db['data'], $row_db['noticia'], $row_db['autor'], $row_db['email']);
//check if there are comments on this news
$res = dbquery("SELECT * FROM " . $prefix . "comments WHERE newsid=" . $row_db['reg'] . " ORDER BY time DESC");
$num = num_rows($res);
if ($_GET['showcomments'] == "1" || $comenta == 2) {
//show the comments
$ff = true;
$i = 0;
while ($row1 = fetch_array($res)) {
if ($ff) {
$out .= "<div class=\"LNEnews_comments\">" . $newsmessage[143] . ":</div>";
$ff = false;
}
$out .= "<div class=\"LNEnews_comment\">\n";
if ($_SESSION['adminlevel'] > 3) {
$out .= "\n<form method=\"post\" action=\"\" class=\"delete\">\n";
$out .= "<input type=\"hidden\" name=\"newsid\" value=\"" . $row1['newsid'] . "\" />\n";
$out .= "<input type=\"hidden\" name=\"id\" value=\"" . $row1['id'] . "\" />\n";
$out .= "<input type=\"hidden\" name=\"submit\" value=\"deletecomment\" />\n";
$out .= "<input type=\"image\" name=\"aaa\" src=\"images/editdelete.png\" value=\"\" title=\"{$newsmessage['174']}\" style=\"border: none; background: transparent; width: 16px; height: 16px;\"/>\n";
$out .= "</form>\n";
}
$out .= "<span class=\"time\">" . $newsmessage[112] . " " . data_formatada($row1['time']) . "</span>";
$out .= "<span class=\"text\">" . decode($row1['text']) . "</span>";
$out .= "<span class=\"poster\">" . $newsmessage[144] . ": </span>\n";
/* if($row1['postermail']!="")
$out.="<span class=\"author\"><a href=\"mailto:".decode($row1['postermail'])."\">".stripslashes(decode($row1['poster']))."</a></span>";
else */
$out .= "<span class=\"author\">" . stripslashes(decode($row1['poster'])) . "</span>";
$out .= "</div>\n";
unset($_GET['showcomments']);
}
} else {
if ($num) {
$out .= "<a href=\"" . $_SERVER['SCRIPT_NAME'] . "?page=" . $pagenum . "&id=" . $row_db['reg'] . "&showcomments=1\">" . $newsmessage[143] . ": " . $num . "</a><br />\n";
}
}
$out .= "\n<br />";
if (!$first && ($comenta == 2 || $comenta == 1 && $_SESSION['user'] != "")) {
$out .= commentform($row_db[6]);
}
$first = true;
$novo_visto = $row_db[5] + 1;
$query_add = dbquery("UPDATE " . $prefix . "noticias SET visto = {$novo_visto} WHERE reg = " . $row_db[6]);
}
$post_cabecalho_s = $post_cabecalho + $post_integra;
if ($noticia_numero != "") {
$query = "SELECT titulo, reg ,data, visto FROM " . $prefix . "noticias WHERE reg != " . $noticia_numero;
if ($categ > -1) {
$query .= " AND cat=" . $categ;
}
$query .= " ORDER BY reg DESC LIMIT 0, " . $post_cabecalho_s;
} else {
$query = "SELECT titulo, reg ,data, visto FROM " . $prefix . "noticias";
if ($categ > -1) {
$query .= " WHERE cat=" . $categ;
}
$query .= " ORDER BY reg DESC LIMIT {$post_integra}, " . $post_cabecalho_s;
}
$query = dbquery($query);
$GETarray = $_GET;
$first = true;
while ($row_db = fetch_array($query)) {
if ($first) {
$first = false;
$out .= "<div align=\"center\"><span style=\"font-size: 85%; font-weight: bold;\">{$newsmessage['113']}</span></div>";
$out .= "<table border='0' align='center'><tr><td>{$newsmessage['12']}</td><td>{$newsmessage['114']}</td><td>{$newsmessage['115']}</td></tr>";
}
$GETarray['id'] = $row_db[1];
$GETarray['showcomments'] = "0";
$call = $_SERVER['SCRIPT_NAME'] . "?" . http_build_query($GETarray, '', '&');
$out .= "<tr><td><a href=\"" . $call . "\">" . stripslashes(decode($row_db["0"])) . "</a></td><td>" . data_formatada($row_db["2"]) . "</td><td>" . $row_db["3"] . "</td></tr>";
}
if (!$first) {
$out .= "</table>";
}
$out .= "<span class=\"rss\">" . showrss() . "</span>\n";
return $out;
}
include_once "queryfunctions.php";
include_once "functions.php";
switch ($_POST["button"]) {
case "Agent":
agents();
break;
case "GetRates":
$conn = db_connect(HOST, USER, PASS, DB, PORT);
//check room availability
$roomid = $_POST["roomid"];
$sql = "Select rooms.roomid,rooms.roomno,rooms.status,booking.checkin_date,booking.checkout_date\n\t\tFrom rooms\n\t\tLeft Join booking ON rooms.roomid = booking.roomid\n\t\tWhere rooms.status = 'V' and rooms.roomid={$roomid}";
$results = mkr_query($sql, $conn);
$msg[0] = "";
$msg[1] = "";
AddSuccess($results, $conn, $msg);
if (num_rows($results) == 0) {
//rooms.status - could tell if room is locked/booked/reserverd/vacant
//get room id and find out status - to do
echo "<h2><blink>Sorry room is either occupied or reserved</blink></h2>";
} else {
echo "<h1>Room ready for occupancy</h1>";
}
//get rate if available
/*$booking_type=$_POST["booking_type"]; //direct booking / booking through agents
//$agents_ac_no=$_POST["agents_ac_no"]; //agents account code
$no_adults=$_POST["no_adults"]>1 ? 'D' : 'S'; //double or single
$meal_plan=$_POST["meal_plan"]; //meal plan - bed only/half board/bed & breakfast/full board
//$rate_type=$_POST["rate_type"]; //residence or non-residence
if ($booking_type='D'){ //direct booking
"Select rates.bookingtype,rates.occupancy,rates.ratesid,rates.rate_type,rates.currency,$meal_plan
From rates
$valid_topic = @query("SELECT 1 FROM `topics` WHERE `ID`='{$topic_id}' LIMIT 1") or die("Error getting information from the database.");
if (num_rows($valid_topic) == 0) {
cust_die("Invalid topic ID.");
}
// okay, it's valid: delete it (and associated posts).
@query("DELETE FROM `topics` WHERE `ID`='{$topic_id}' LIMIT 1") or die("Error deleting the topic.");
@query("UPDATE `posts` SET `deleted`='1' WHERE `topic_ID`='{$topic_id}'") or die("Error deleting the topic's posts.");
print "Done.";
} elseif (isset($_GET['p'])) {
// see if $_GET['p'] is a valid post
if ($_GET['p'] == "" || is_numeric($_GET['p']) === FALSE) {
cust_die("Invalid post ID.");
}
$post_id = escape_string($_GET['p']);
$valid_post = @query("SELECT 1 FROM `posts` WHERE `post_ID`='{$post_id}' LIMIT 1") or die("Error getting information from the database.");
if (num_rows($valid_post) == 0) {
cust_die("Invalid post ID.");
}
// okay, it's valid: delete the post
@query("UPDATE `posts` SET `deleted`='1' WHERE `post_ID`='{$post_id}' LIMIT 1") or die("Error deleting the post.");
print "Done.";
}
}
}
}
print "<table name=\"topics\" class=\"posttable\">";
// display the posts from the topic, if the user has chosen one
if (isset($_GET['topic'])) {
if ($_GET['topic'] == "" && is_numeric($_GET['topic']) === FALSE) {
cust_die("Invalid class ID.");
}
$link_droit = query($sql);
if (num_rows($link_droit) > 0) {
// Rapport conducteur journalier
print "debut rapport vehicule jour<br>";
require "rapport-vehicule-jour.php";
print "fin rapport vehicule jour<br>";
}
}
if ($_GET["typecron"] == "semaine") {
$sql = "select * from " . __racinebd__ . "rapport_usersgps rug \r\n inner join " . __racinebd__ . "rapport r on rug.rapport_id=r.rapport_id\r\n where usergps_id=" . $_SESSION["users_id"] . " and r.rapport_id=9";
$link_droit = query($sql);
if (num_rows($link_droit) > 0) {
// Rapport conducteur hebdomadaire
print "debut rapport vehicule semaine<br>";
require "rapport-vehicule-hebdo.php";
print "fin rapport vehicule semaine<br>";
}
}
if ($_GET["typecron"] == "mois") {
$sql = "select * from " . __racinebd__ . "rapport_usersgps rug \r\n inner join " . __racinebd__ . "rapport r on rug.rapport_id=r.rapport_id\r\n where usergps_id=" . $_SESSION["users_id"] . " and r.rapport_id=10";
$link_droit = query($sql);
if (num_rows($link_droit) > 0) {
// Rapport conducteur mensuel
print "debut rapport vehicule mensuel<br>";
require "rapport-vehicule-mensuel.php";
print "fin rapport vehicule mensuel<br>";
}
}
}
}
}
function getAvailability($object_id, $start_date, $duration)
{
// used for stacking booking
global $database_name, $date_format;
$array_duration = explode("|", $duration);
// d|h|i
$duration_stamp = $array_duration[0] * 86400 + $array_duration[1] * 3600 + $array_duration[2] * 60;
$sql = "SELECT book_id, book_start, book_end FROM rs_data_bookings ";
$sql .= "WHERE object_id = " . $object_id . " ";
$sql .= "AND book_end > '" . $start_date . "' ";
$sql .= "ORDER BY book_end ASC;";
$temp = db_query($database_name, $sql, "no", "no");
$book_start = "";
$previous_book_end = $start_date;
if (num_rows($temp)) {
while ($temp_ = fetch_array($temp)) {
$hole_start = strtotime($previous_book_end);
$hole_end = strtotime($temp_["book_start"]);
if ($duration_stamp <= $hole_end - $hole_start) {
$book_start = $hole_start;
break;
// exits while loop
}
$previous_book_end = $temp_["book_end"];
}
$hole_start = strtotime($previous_book_end);
$hole_end = strtotime($temp_["book_start"]);
$book_start = $hole_start;
} else {
$book_start = date($date_format . " H:i", strtotime($start_date));
}
return date($date_format . " H:i", $book_start);
}
tryfunc("gd_info", "php_gd");
tryfunc("ioncube_license_properties", "ionCube Loader");
tryfunc("json_encode", "json");
if($_SESSION['AUTHTYPE'] == "none") {
$username = "******";
$sessionId = session_id();
$act = "login from local_noauth";
action($act);
$_SESSION["pageId"] = (empty($_GET["pageId"])?"searchform":$_GET["pageId"]) ;
$_SESSION["username"] = '******';
$destination = $_SESSION['SITE_URL']."index.php";
$dbLink = db_connect_syslog(DBADMIN, DBADMINPW);
$sql = "SELECT * FROM ui_layout WHERE userid=(SELECT id FROM users WHERE username='******')";
$res = perform_query($sql, $dbLink, $_SERVER['PHP_SELF']);
if(num_rows($res)==0){
$sql = "INSERT INTO ui_layout (userid, pagename, col, rowindex, header, content, group_access) SELECT (SELECT id FROM users WHERE username='******'),pagename,col,rowindex,header,content,group_access FROM ui_layout WHERE userid=0";
$res = perform_query($sql, $dbLink, $_SERVER['PHP_SELF']);
}
if (!empty($_SERVER['QUERY_STRING']))
{
$destination .= '?' . $_SERVER['QUERY_STRING'];
}
g_redirect($destination, "JS"); // Redirect unauthenticated member
}
if ($_POST) {
if (auth($_POST) == $_SESSION["username"]) {
$act = "logged in";
action($act);
function users()
{
global $langmessage, $prefix;
$out = "<h2>{$langmessage['154']}</h2>\n<hr />\n";
if ($_GET['id'] != "" && !is_intval($_GET['id']) || $_GET['pag'] != "" && !is_intval($_GET['pag'])) {
die($langmessage[98]);
}
if ($_GET['action'] == "deleteuser") {
$result = dbquery('SELECT * FROM ' . $prefix . 'users WHERE id=' . $_GET['id']);
if ($row = fetch_array($result)) {
if ($_SESSION['adminlevel'] >= $row['adminlevel']) {
$out .= userform($_GET['id'], $row, true);
}
}
} elseif ($_GET['action'] == "edituser") {
$result = dbquery('SELECT * FROM ' . $prefix . 'users WHERE id=' . $_GET['id']);
if ($row = fetch_array($result)) {
$out .= userform($_GET['id'], $row);
}
} else {
$out .= userform();
}
$out .= "<div style=\"margin-top: 20px;\">\n<table style=\"border: none;\">\n";
$multy = false;
$result = dbquery('SELECT * FROM ' . $prefix . 'users ORDER BY handle');
$pages = num_rows($result);
if ($pages > 25) {
if ($_GET['pag'] == "") {
$_GET['pag'] = 1;
}
$query = "SELECT * FROM " . $prefix . "users ";
if (isset($_GET['letter'])) {
$query .= "WHERE UPPER(SUBSTR(handle,1,1))=\"" . sanitize($_GET['letter']) . "\" ";
}
$query .= "ORDER BY handle limit " . ($_GET['pag'] - 1) * 25 . ", 25";
$result = dbquery($query);
$pagebar = "<tr><td colspan=\"6\" align=\"left\"><a href=\"LightNEasy.php?page=index&do=users";
if (isset($_GET['letter'])) {
$pagebar .= "&letter=" . sanitize($_GET['letter']);
}
$pagebar .= "&pag=";
if ($_GET['pag'] > 1) {
$pagebar .= $_GET['pag'] - 1;
} else {
$pagebar .= $_GET['pag'];
}
$pagebar .= "\"><</a> ";
$result1 = dbquery("SELECT DISTINCT UPPER(SUBSTR(handle,1,1)) as letter FROM " . $prefix . "users ORDER BY handle ASC");
while ($row = fetch_array($result1)) {
$pagebar .= "<a href=\"LightNEasy.php?page=index&do=users&letter=" . $row['letter'] . "&pag=1\">" . $row['letter'] . "</a> ";
}
$pagebar .= " <a href=\"LightNEasy.php?page=index&do=users";
if (isset($_GET['letter'])) {
$pagebar .= "&letter=" . sanitize($_GET['letter']);
}
$pagebar .= "&pag=";
if ($pages > $_GET['pag'] * 25) {
$pagebar .= $_GET['pag'] + 1;
} else {
$pagebar .= $_GET['pag'];
}
$pagebar .= "\"> ></a></td></tr>\n";
$out .= $pagebar;
$multy = true;
}
while ($row = fetch_array($result)) {
$out .= "<tr><td><a href=\"" . $_SERVER['SCRIPT_NAME'] . "?do=users&action=edituser&id=" . $row['id'] . "\"><img style=\"padding: none; border: none;\" src=\"images/edit.png\" alt=\"edit\" /></a></td>";
$out .= "<td><a href=\"" . $_SERVER['SCRIPT_NAME'] . "?do=users&action=deleteuser&id=" . $row['id'] . "\"><img style=\"padding: none; border: none;\" src=\"images/editdelete.png\" alt=\"delete\" /></a></td>";
$out .= "<td><b>" . decode($row['handle']) . "</b></td><td>" . $row['adminlevel'] . "</td><td>" . $row['ip'] . "</td><td>" . strftime("%m/%d/%y", $row['datejoined']) . "</td></tr>\n";
}
if ($multy) {
$out .= $pagebar;
}
$out .= "</table>\n</div>\n";
return $out;
}
<?php
session_start();
error_reporting(E_ALL & ~E_NOTICE);
include_once "login_check.inc.php";
include_once "queryfunctions.php";
include_once "functions.php";
access("reservation");
//check if user is allowed to access this page
$conn = db_connect(HOST, USER, PASS, DB, PORT);
if (isset($_GET["search"]) && !empty($_GET["search"])) {
find($_GET["search"]);
}
if (isset($_POST['Navigate'])) {
//echo $_SESSION["strOffSet"];
$nRecords = num_rows(mkr_query("select * from guests", $conn), $conn);
paginate($nRecords);
free_result($results);
find($_SESSION["strOffSet"]);
}
$guestid = $_POST['guestid'];
if (isset($_POST['Submit'])) {
$action = $_POST['Submit'];
switch ($action) {
case 'Guest Reservation':
//if guest has not been selected exit
// instantiate form validator object
$fv = new formValidator();
//from functions.php
if (empty($_POST["guestid"])) {
//if no guest has been selected no point in displaying other errors
//alarme de vitesse
//on regarde si la personne doit recevoir ces alertes
$sql = "select * from " . __racinebd__ . "rapport_usersgps where rapport_id=11 and usergps_id=" . $tbl_user["usergps_id"];
//print $sql;
$linkalerte = query($sql);
if ($linkalerte) {
//recherche des vehicules du compte géré par cet utilisateur qui ont des alarmes de vitesse
$sql = getsqllistvehicule() . " and vitessemax!='0.00'";
//print $sql."<br>";
$link_vehicule = query($sql);
while ($tbl_list_vehicule = fetch($link_vehicule)) {
//on liste des enregistrement de la table position pendant l'interval d'alerte
$sql = "select * from positions where device_id=" . $tbl_list_vehicule["traccar_device_id"] . " and time>='" . $dernierdatedebut . "' and time<'" . $nouveldatedebut . "' and speed>'" . inversevitessekmh($tbl_list_vehicule["vitessemax"]) . "'";
//print $sql."<br>";
$linkvitesse = query($sql);
if (num_rows($linkvitesse) > 0) {
$html = "Bonjour,<br> le véhicule " . $tbl_list_vehicule["nomvehicule"] . " \r\n (" . $tbl_list_vehicule["immatriculation"] . ") à été controlé à une vitesse de :";
while ($tbl_vitesse = fetch($linkvitesse)) {
$adresse = str_replace(", France", "", getAddess($tbl_vitesse["latitude"], $tbl_vitesse["longitude"]));
$datelieu = "<br>" . affichedatetime($tbl_vitesse["time"]) . "<br>" . $adresse;
$html .= "<br>" . vitessekmh($tbl_vitesse["speed"]) . " km/h à " . $datelieu . "<br>";
}
$html .= "Sa vitesse maximale autorisée est de " . $tbl_list_vehicule["vitessemax"] . " km/h";
//print $html;
sendmailmister('', '', 'Alarme vitesse véhicule ' . $tbl_list_vehicule["nomvehicule"], $html, $_SESSION["email"]);
}
}
}
//a decommenter
$sql = "update " . __racinebd__ . "preference_compte set lastenvoi=now() where compte_id=" . $_SESSION["compte_id"];
query($sql);